[VOIPSEC] An issue of trust?

Paine, Richard H richard.h.paine at boeing.com
Mon Jun 19 10:44:47 CDT 2006 

I have contributed several times on this mailing list about the need for
identity-based communications that includes a cryptographic identity on
every packet.  The opensource architecture is called the Secure Mobile
Architecture (SMA) and is published in The Open Group
(http://www.opengroup.org/bookstore/catalog/select.tpl?text=secure+mobil
e+arch). 

Having published a VOIP architecture for Boeing in 2000, I have thought
a lot about the Internet can and should handle telephony.  It is a
contention of mine that most of us will eventually almost never need,
nor use, an E.164 address.  We will, however, use a web-based directory
or SIP URL to access Internet telephony addresses.  You will find it
much easier and more convenient, in the near future, to use these
sources of addresses than to use or look up a number.  The key is the
underlying assumption (that is in contention here) is that you will
actually be getting the party that you need to talk to and not be
spoofed by other IP or MAC addresses.  The protection that you get from
an architecture that uses a cryptographic identity on every packet, the
Host Identity Protocol (HIP), a virtual directory to store and reference
the addresses, and possibly even location,  make for a complete package
of trust using authentication, authorization, and protection of IP
telephony.

Richard H. Paine
Success is getting what you want, happiness is liking what you get!
Cell:  206-854-8199
IPPhone:  425-373-8964
Email:  richard.h.paine at boeing.com 


-----Original Message-----
From: Simon Horne [mailto:s.horne at packetizer.com] 
Sent: Monday, June 19, 2006 8:11 AM
To: Randell Jesup; Geoff Devine
Cc: Voipsec at voipsa.org
Subject: Re: [VOIPSEC] An issue of trust?


Sorry to intrude...
I guess the big question here is, is VoIP Internet Telephony or
Telephony on the Internet?

There are 2 recognised standards 1 administered by Internet people
(IETF) and based on existing Internet technologies to do telephony and 1
administered by the telephony people (ITU) based on telephony to be
carried over the Internet.  You can successfully argue it both ways
however it appears the regulators have chosen to look at it one way and
a large pert of the industry to look at it another.

Simon

At 10:12 PM 19/06/2006, Randell Jesup wrote:
>"Geoff Devine" <gdevine at cedarpointcom.com> writes:
> >We lived through the denial of calling VoIP with E.164 addressing
"data"
> >for the last half-dozen years.  It should come as no surprise that 
> >your "motorcycle" is declared by the regulators to be "car".
>
>You have a point, to be sure - but that's a tough slope to sit on.  Is
>E.164 addressing what makes an it a "telephone call"?  And like I said,

>where does it end?  And if in the end the logic leads to "all internet 
>traffic" is subject (and right now that's where the FCC is heading, 
>with expanding CALEA to ISPs), why not leave the point of monitoring at

>ISPs, instead of strung out in hundreds of application domains and
providers?
>And even without CALEA, communications can be monitored by court order;

>CALEA is about requiring service providers to make it easy and in a 
>neat, easy-to-use form.
>
>What if someone creates a service for IP voice/etc communications that 
>doesn't use E.164 numbers?  (I.e. IM voice chat, straight SIP-addressed

>VoIP, in-game chat, etc.)  What if there's no "number" associated with 
>the user/endpoint?  For that matter, CALEA regulations are laced with 
>assumptions about how telephone systems work and what options are 
>available to users of them.
>
>If law enforcement and legislators want to set up "lawful intercept"
>for IP communications, they'd do far better to go and write up such a 
>bill where it can be targeted correctly for the medium, and be debated 
>properly.  Using CALEA for pure IP communications is a bit like these
>laws:
>
>Motor vehicles may not drive on city streets unless a man with a 
>lantern is wallking ahead of it.
>You must contact the police before entering the city in an automobile.
>All cars entering the city limits must first sound their horn to warn 
>the horses of their arrival.
>It is illegal for a woman to drive a car unless her husband is waving a

>flag in front of it.
>Automobiles are not to pass horse drawn carriages on the street.
>(All real, current laws - but more to the point, examples of how they 
>tried to adapt rules of the road meant for horses to automobiles at 
>first.)
>
> >You're right.  It's a perfect example. :-)
>
>
>--
>Randell Jesup, Worldgate (developers of the Ojo videophone), ex-Amiga 
>OS team rjesup at wgate.com "The fetters imposed on liberty at home have 
>ever been forged out of the weapons provided for defence against real, 
>pretended, or imaginary dangers from abroad."
>                 - James Madison, 4th US president (1751-1836)
>
>
>_______________________________________________
>Voipsec mailing list
>Voipsec at voipsa.org
>http://voipsa.org/mailman/listinfo/voipsec_voipsa.org



_______________________________________________
Voipsec mailing list
Voipsec at voipsa.org
http://voipsa.org/mailman/listinfo/voipsec_voipsa.org

More information about the Voipsec mailing list